Tuesday, April 5, 2011

CBI Website Defacement Investigation In Progress

It has been more than four months since the website of the Central Bureau of Investigation (CBI) was defaced by the accused Pakistani cyber army. There have been constant cyber fights between the so-called Indian cyber army and the Pakistani cyber army.

However, by and large these cyber fights have remained the work of mere script kiddies. Much more sophisticated cyber attacks are in progress, and some of them are even untraceable for the time being.

As per a recent media report, the CBI has identified the source of these cyber attacks. According to the CBI, portals located in the US and Latvia were used to launch the cyber attacks upon the CBI site.

The CBI, along with the Computer Emergency Response Team-India (CERT-In), has produced a report in the court of Chief Metropolitan Magistrate Vinod Yadav and has requested permission to approach authorities in the US and Latvia to collect the required information from the technical in-charge/administrators/web managers of the said portals. Their statements will be recorded so as to ascertain the users of the Internet protocol address (IP address) through which the attack on the website was committed.

However, the chances of catching the culprits are very dim, claims Praveen Dalal, managing partner of New Delhi based techno-legal firm Perry4Law and leading techno-legal expert of India. This is because of two reasons. Firstly, it has been more than four months since the attack took place. By now most of the logs would have been either deleted, tampered with or modified, informs Dalal. Secondly, there is a great chance that an insecure wireless connection was used for committing this attack, informs Dalal. This makes it next to impossible to detect the true identity of the attacker after this long delay, claims Dalal.

Moving the court, the CBI sought issuance of letters of request to the US Department of Justice and Latvia’s Ministry of Justice for legal assistance. The CBI said that it was essential to get the user details of the three IP addresses in order to locate and ascertain the present whereabouts of the users and examine them on their role in the hacking. The application stated that besides drawing out necessary information from the in-charges of the web portals to elicit names, addresses, e-mail addresses and other details of the users, certain documents and articles were also to be collected.

However, what is not understandable is why it took CERT-In and the CBI four months to retrieve the crucial IP addresses. As per the experts, this delay is going to cost them crucial evidence that would have been lost. I wish the CBI and CERT-In all the best; let us see if they get any evidence out of the portals mentioned by them.